Facebook's Two Factor Authentication May Be A Bug

Facebook Spamming Users with 2FA

Facebook keeps coming in the news sometimes for good reasons and sometimes for all the bad ones. A number of moves from social-media platform were not more than an engagement-attaining stunt. Among a number of such incidences, the giant has once again created headlines and this time not for the good reason. The social-networking channel’s two-factor authentication system seems to be something that none of us noticed quite literally but Bay area software engineer Gabriel Lewis didn’t fail to report the issue.

Earlier this week, Lewis found out Facebook is using the same phone number that he used for the two-factor authentication. Facebook 2FA offers a secure way to login to your account by asking for the secondary confirmation to verify that it is the real user logging to the account and no one else. However, Lewis received notifications when one of his friends posted something on Facebook (the fact being he never signed up for any such proposal). Even worse, replying to these messages with “please stop” auto-post these messages to user’s profile and the messages did not stop either.

Just after Lewis reported the problem, a number of users seemed to face similar concerns, which they tweeted later after the incidence came into the light. Prominent technology critics have tweeted about the same condemning Facebook of such a behavior that in no scenario can be justified by the giant social-networking website.

Facebook’s move only predicts that the giant networking-site can do anything and may be everything to get the users on board, which can also be not justified. However, there is a legal layer to this as well. Facebook is already facing a number of lawsuits for violating terms and conditions that TCPA Or Telephone Consumer Protection Act prescribes that no company may contact the users via text without having their permission. Additionally, Facebook has also been seen spamming users with the messages on their birthdays even when they have opted out of such notifications.

However, it is not clear whether the recent move is a spam or just a bug that even Facebook was not aware of. However, if the company is intentionally doing it, it directly opens Facebook to face more lawsuits.

One of Facebook’s representatives has said that the company is looking into the matter but no official statements were made on the similar issue from the giant networking site. The statement reads like, “We give people control over their notifications, including those that relate to security features like two-factor authentication. We’re looking into this situation to see if there’s more we can do to help people manage their communications. Also, people who sign up for two-factor authentication using a U2F security key and code generator do not need to register a phone number with Facebook.”

Being a Senior Technical Writer at MobileAppDaily, Neha Baluni loves jotting down her piece of opinion for the advancing technology in mobile app world. Having a journalism background, she is a writer by day and a reader by night. Her passion for writing covers different categories of technical and non-technical genre. In addition to writing, Neha loves traveling a lot.